azizasm/forticlientsslvpn-expect.sh

## forticlientsslvpn-expect.sh
#!/bin/bash

# Forticlient SSL VPN Client / expect

# --------------------------------------------
# CONFIGURATION


FORTICLIENT_PATH=""

# VPN Credentials
VPN_HOST="hostname:443"
VPN_USER="username"
VPN_PASS="pass"

# --------------------------------------------

# /opt/forticlient-sslvpn/64bit/forticlientsslvpn_cli --server hostname:443 --vpnuser username --keepalive
#

trap ctrl_c INT

function ctrl_c() {
  echo "Removing left-over files..."
  rm -f /tmp/expect
}

if [[ $EUID -ne 0 ]]; then
  echo "This script must be run as root"
  exit 1
fi

if [ -z "$FORTICLIENT_PATH" ]; then
  FORTICLIENT_PATH=`uname -a | grep -q 64 && echo $(locate forticlientsslvpn_cli | grep 64bit) || echo $(locate forticlientsslvpn_cli | grep 32bit)`
  if [ ! -f $FORTICLIENT_PATH ]; then
    echo "Tried to locate Forticlient SSL VPN Cli binary, but failed."
    echo "Specify it at variable FORTCLIENT_PATH"
    exit 1
  fi
  echo "Located Forticlient VPN Client at: $FORTICLIENT_PATH"
fi

echo "Killing previous instances of Forticlient SSL VPN client..."
killall -9 $(basename $FORTICLIENT_PATH) 2> /dev/null


cat << EOF > /tmp/expect
#!/usr/bin/expect -f
match_max 1000000
set timeout -1
spawn $FORTICLIENT_PATH --server $VPN_HOST --vpnuser $VPN_USER --keepalive
expect "Password for VPN:"
send -- "$VPN_PASS"
send -- "\r"

expect "Would you like to connect to this server? (Y/N)"
send -- "Y"
send -- "\r"

expect "Tunnel closed"
close

expect "Clean up..."
close
EOF

chmod 500 /tmp/expect
/usr/bin/expect -f /tmp/expect

rm -f /tmp/expect

## mon-forticlientsslvpn-expect.sh
#! /bin/bash

while true; do

case "$(pidof expect | wc -w)" in

0)  echo "Restarting expect:     $(date)" >> /var/log/expect.txt
    /home/osboxes/forticlientsslvpn-expect.sh &
    ;;
1)  # all ok
    ;;
*)  echo "Removed double expect: $(date)" >> /var/log/expect.txt
    kill $(pidof expect | awk '{print $1}')
    ;;
esac


sleep 3
done
	#!/bin/bash

	# Forticlient SSL VPN Client / expect

	# --------------------------------------------
	# CONFIGURATION


	FORTICLIENT_PATH=""

	# VPN Credentials
	VPN_HOST="hostname:443"
	VPN_USER="username"
	VPN_PASS="pass"

	# --------------------------------------------

	# /opt/forticlient-sslvpn/64bit/forticlientsslvpn_cli --server hostname:443 --vpnuser username --keepalive
	#

	trap ctrl_c INT

	function ctrl_c() {
	echo "Removing left-over files..."
	rm -f /tmp/expect
	}

	if [[ $EUID -ne 0 ]]; then
	echo "This script must be run as root"
	exit 1
	fi

	if [ -z "$FORTICLIENT_PATH" ]; then
	FORTICLIENT_PATH=`uname -a \| grep -q 64 && echo $(locate forticlientsslvpn_cli \| grep 64bit) \|\| echo $(locate forticlientsslvpn_cli \| grep 32bit)`
	if [ ! -f $FORTICLIENT_PATH ]; then
	echo "Tried to locate Forticlient SSL VPN Cli binary, but failed."
	echo "Specify it at variable FORTCLIENT_PATH"
	exit 1
	fi
	echo "Located Forticlient VPN Client at: $FORTICLIENT_PATH"
	fi

	echo "Killing previous instances of Forticlient SSL VPN client..."
	killall -9 $(basename $FORTICLIENT_PATH) 2> /dev/null


	cat << EOF > /tmp/expect
	#!/usr/bin/expect -f
	match_max 1000000
	set timeout -1
	spawn $FORTICLIENT_PATH --server $VPN_HOST --vpnuser $VPN_USER --keepalive
	expect "Password for VPN:"
	send -- "$VPN_PASS"
	send -- "\r"

	expect "Would you like to connect to this server? (Y/N)"
	send -- "Y"
	send -- "\r"

	expect "Tunnel closed"
	close

	expect "Clean up..."
	close
	EOF

	chmod 500 /tmp/expect
	/usr/bin/expect -f /tmp/expect

	rm -f /tmp/expect
	#! /bin/bash

	while true; do

	case "$(pidof expect \| wc -w)" in

	0) echo "Restarting expect: $(date)" >> /var/log/expect.txt
	/home/osboxes/forticlientsslvpn-expect.sh &
	;;
	1) # all ok
	;;
	*) echo "Removed double expect: $(date)" >> /var/log/expect.txt
	kill $(pidof expect \| awk '{print $1}')
	;;
	esac


	sleep 3
	done